Cross-Site Scripting (XSS) Vulnerability in SafeHTML's _writeAttrs Function

Cross-Site Scripting (XSS) Vulnerability in SafeHTML's _writeAttrs Function

CVE-2005-1638 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.

Learn more about our Web Application Penetration Testing UK.